Symptoms
Cannot pair agents from linked clone, full clone, manual pools.In admin UI you see-- "No network communication between the View Agent and Connection Server".
Cause
This is caused by agents installed in FIPs and CS in non-FIPs or vice versa.CS in FIPs and agent in non-FIPs:
In this case, agent sends the CHANGEKEY request, but the CS rejects the request.In the agent logs at <DriveLetter>\ProgramData\Vmware\VDM\logs--DEBUG (10A4-24BC) <Thread-3> [BrokerUpdateUtility] Published CHANGEKEY requestDEBUG (10A4-24BC) <Thread-3> [BrokerUpdateUtility] Timeout waiting for success responseAnd in the CS logs we see CHANGEKEY request got rejected because of which agent timed out waiting --DEBUG (1608-1BF4) <DesktopControlJMS> [JMSMessageSecurity] Identity validation failure trace com.vmware.vdi.logger.Logger.debug(Logger.java:44)java.lang.Exception: Identity validation failed: UNKNOWN is not known identity for: agent/1828b6d1-201c-4e1d-a6c7-1f325b209dd6 at com.vmware.vdi.messagesecurity.JMSMessageSecurity.a(SourceFile:577) at com.vmware.vdi.messagesecurity.JMSMessageSecurity.validateAndCheckWithHandler(SourceFile:451) at com.vmware.vdi.desktoptracker.DesktopTracker.a(SourceFile:1879) at com.vmware.vdi.desktoptracker.DesktopTracker.a(SourceFile:925) at com.vmware.vdi.desktoptracker.DesktopTracker$1.run(SourceFile:805) at java.base/java.lang.Thread.run(Unknown Source)WARN (1608-1BF4) <DesktopControlJMS> [DesktopTracker] CHANGEKEY message from agent/1828b6d1-201c-4e1d-a6c7-1f325b209dd6 is discarded as it cannot be validated
Agent in FIPs and CS in non-FIPs:
In this case, CHANGEKEY is successful, but agent cannot connect later to port 4002 for secure communication with the CS. We see this in the agent logs at <DriveLetter>\ProgramData\Vmware\VDM\logs--2021-05-13T16:19:56.791+05:30 DEBUG (0474-0EBC) <Thread-3> [JmsManager] Unable to connect to JMS server xxxxxxxxxxxxxcom.vmware.vdi.logger.Logger.debug(Logger.java:44)javax.net.ssl.SSLHandshakeException: Remote host terminated the handshake at java.base/sun.security.ssl.SSLSocketImpl.handleEOF(Unknown Source) at java.base/sun.security.ssl.SSLSocketImpl.decode(Unknown Source) at java.base/sun.security.ssl.SSLSocketImpl.readHandshakeRecord(Unknown Source) at java.base/sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source) at java.base/sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
Resolution
Horizon do not support mixed mode (FIPs and non-FIPs). You should ensure that both CS and agents are installed in FIPs mode or vice-versa.
Related Information
For an alternative reason to see this error message in the Admin UI please see KB 89582
